Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

5e7b2ee24c...6N.exe

windows7-x64

7

5e7b2ee24c...6N.exe

windows10-2004-x64

7

$PLUGINSDIR/i5.exe

windows7-x64

3

$PLUGINSDIR/i5.exe

windows10-2004-x64

6

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5e7b2ee24c0a19ed58248822ca0e65ca40d154f35ff67d704ee209cd52856d76N

  • Size

    276KB

  • Sample

    241015-dv47yawdmj

  • MD5

    2721d2dc342221266f426ebd6a4f90d0

  • SHA1

    a35f0e094b0874b8102e88759fdbf615a4acc615

  • SHA256

    5e7b2ee24c0a19ed58248822ca0e65ca40d154f35ff67d704ee209cd52856d76

  • SHA512

    6e877432dd6b4060e7537689b15ccceb1909444a1cd44b6953d00bec94e244f477019d60764bd73d8015992e5985afbeaf1f66b58eb54e9dada5e4c2bc531c81

  • SSDEEP

    6144:esaocyLCJdsc9jO0HqzcRc7vBgEhC3U+zV5Di+L9ymRNF:etobGdtZG6czek8Vo+xyS

Score
7/10
discovery

Malware Config

Targets

    • Target

      5e7b2ee24c0a19ed58248822ca0e65ca40d154f35ff67d704ee209cd52856d76N

    • Size

      276KB

    • MD5

      2721d2dc342221266f426ebd6a4f90d0

    • SHA1

      a35f0e094b0874b8102e88759fdbf615a4acc615

    • SHA256

      5e7b2ee24c0a19ed58248822ca0e65ca40d154f35ff67d704ee209cd52856d76

    • SHA512

      6e877432dd6b4060e7537689b15ccceb1909444a1cd44b6953d00bec94e244f477019d60764bd73d8015992e5985afbeaf1f66b58eb54e9dada5e4c2bc531c81

    • SSDEEP

      6144:esaocyLCJdsc9jO0HqzcRc7vBgEhC3U+zV5Di+L9ymRNF:etobGdtZG6czek8Vo+xyS

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/i5.exe

    • Size

      214KB

    • MD5

      0b168b79397a1c3d5a181787e27ea323

    • SHA1

      1867e953755169de011fd12009c2f42f300a9d47

    • SHA256

      c681e32d308452ee7c24eeebb335ee86cfe42783db2289ef2caa0d0671b53d5a

    • SHA512

      3b3e2ff7ad58a677cfbd22dec0c294e0b27ec0b81e8e6e20f45ac228c90472318ec0bec15d6689180b73061b94ea750049688ee5ed95a4e1d205eb94e7d0a250

    • SSDEEP

      3072:GMU6VA1iNIsQ9JmIIdK/t6FxHySzWB4Q6ENVZ7WiU9ENogFs5rqKl4WAv8/e29X2:GMggI3Jmu/t6FsnluqKe8m2s2KHW

    Score
    6/10
    discovery

    • Drops desktop.ini file(s)

    behavioral3behavioral4

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      8KB

    • MD5

      249ae678f0dac4c625c6de6aca53823a

    • SHA1

      6ac2b9e90e8445fed4c45c5dbf2d0227cd3b5201

    • SHA256

      7298024a36310b7c4c112be87b61b62a0b1be493e2d5252a19e5e976daf674ce

    • SHA512

      66e4081a40f3191bf28b810cf8411cb3c8c3e3ec5943e18d6672414fb5e7b4364f862cba44c9115c599ac90890ef02a773e254e7c979e930946bc52b0693aad7

    • SSDEEP

      192:r/QeHNWSvUTfWdXw08LYKFaynLb3MRlbOVlR:7jBvwudT8LJxnnMRlyVlR

    Score
    3/10
    discovery
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks